package com.you.common.webx.valve;

import java.net.URLEncoder;
import java.util.Iterator;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.beans.factory.annotation.Autowired;

import com.alibaba.citrus.service.pipeline.PipelineContext;
import com.alibaba.citrus.service.pipeline.support.AbstractValve;
import com.alibaba.citrus.service.pipeline.support.AbstractValveDefinitionParser;
import com.alibaba.citrus.service.uribroker.URIBrokerService;
import com.alibaba.citrus.webx.util.WebxUtil;
import com.you.common.webx.service.SecurityMappingService;

public class SecurityCheckValve extends AbstractValve {

    @Autowired
    private HttpServletRequest  request;

    @Autowired
    private HttpServletResponse response;

    // @Autowired
    // private URIBrokerService uriBrokerService;

    // private Navigator navigator;

    // @Autowired
    // private SecurityMappingService securityMappingService;

    @Override
    public void invoke(PipelineContext pipelineContext) throws Exception {

        SecurityMappingService securityMappingService = null;
        try {

            securityMappingService = (SecurityMappingService) WebxUtil.getCurrentComponent(request).getApplicationContext().getBean("securityMappingService",
                                                                                                                                    SecurityMappingService.class);
        } catch (Exception e) {

        }
         
        if (securityMappingService != null && !securityMappingService.checkAuthentication(request)) {

            String redirectURL = request.getRequestURL().toString();
            String queryT = request.getQueryString();
            String query = getPostParms(request);
            if (query != null) {
                redirectURL = redirectURL + "?" + query;
            }
            // navigator.redirectTo("loginLink").withParameter("done", redirectURL);
            URIBrokerService uris = (com.alibaba.citrus.service.uribroker.URIBrokerService) WebxUtil.getCurrentComponent(request).getApplicationContext().getBean("uriBrokerService",
                                                                                                                                                                  URIBrokerService.class);
            String url = uris.getURIBroker("loginLink").addQueryData("done", redirectURL).render();
            response.sendRedirect(url);

            pipelineContext.breakPipeline("#TOP");

        } else {
            pipelineContext.invokeNext();
        }
    }

    private String getPostParms(HttpServletRequest request) {
        String query = "";
        StringBuffer sb = new StringBuffer();

        for (Iterator iter = request.getParameterMap().keySet().iterator(); iter.hasNext();) {
            String parmName = (String) iter.next();
            String parmValue = request.getParameter(parmName);

            try {
                sb.append(parmName + "=" + URLEncoder.encode(parmValue, "UTF-8") + "&");
            } catch (Exception e) {
            }
        }

        if (sb.length() > 0) {
            int len = sb.length();

            query = sb.substring(0, len - 1); // remove the last &
        } else {
            query = null;
        }

        return query;
    }

    public static class DefinitionParser extends AbstractValveDefinitionParser<SecurityCheckValve> {

    }
}
